Configuring the diverse Exchange virtual directories I know it is best practise to use split-dns and same url for internal url & external url.
So for my installation I have setup all internal & external urls to exchange.contoso.com
For "SSO" I have enabled NTLM on vdirs and outlook anywhere for internal authentication
But I also see there is an "external authentication" we can configure.
1) 1st question, is it wise to keep internal & external authentication on vdirs the same and what is most common configuration (keep the same)?
2) 2nd question, when do we need to configure external authentication and when does Exchange use external authentication?
3) If we have a KEMP/TMG/F5 reverse proxy device for external user access does Exchange consider them "external"?
4) And if we just load balance the Exchange servers internally with NLB and use NTLM, should we keep internal & external authentication the same?
So for my installation I have setup all internal & external urls to exchange.contoso.com
For "SSO" I have enabled NTLM on vdirs and outlook anywhere for internal authentication
But I also see there is an "external authentication" we can configure.
1) 1st question, is it wise to keep internal & external authentication on vdirs the same and what is most common configuration (keep the same)?
2) 2nd question, when do we need to configure external authentication and when does Exchange use external authentication?
3) If we have a KEMP/TMG/F5 reverse proxy device for external user access does Exchange consider them "external"?
4) And if we just load balance the Exchange servers internally with NLB and use NTLM, should we keep internal & external authentication the same?